Richard Bejtlich's blog on digital security, strategic thought, and military history.

Sunday, May 16, 2010

Review of Cyberpunk Posted

Amazon.com just posted my four star review of Cyberpunk by Katie Hafner and John Markoff. From the review:

Cyberpunk is a unique exploration of three distinct digital security stories. Authors Katie Hafner and John Markoff describe the histories of Kevin Mitnick and friends, Hans Heinrich Hübner and the Hannover hackers, and Robert T Morris and family. This approach is interesting because all three tales are told independently, yet key events occur within a few years of each other and some overlap...

I don't usually include material beyond the first paragraph from my review announcements, but I loved these excerpts:

I'd like to conclude by citing some of my favorite excerpts. First, when describing Digital's Palo Alto security, the authors write:

"[I]n recognition of the open-mindedness back at corporate headquarters, the computer scientists in Palo Alto took great care to operate their precious gateway responsibly. To give the best possible oversight both for maintenance and security, Ph.D's in computer science took turns poring over daily log files... So it was only a matter of hours after the intrusions into the Palo Alto computers began that the gateway watchers there noticed something amiss." (emphasis added) p 118

"We seem to be totally defenseless against these people. We have repeatedly rebuilt system after system and finally management has told the system support group to ignore the problem... I want to make sure someone at network security knows that we are being ***** (censored) in broad daylight. These people freely walk into our systems and are taking restricted, confidential, and proprietary information." (emphasis added) p 120

Third, nothing changes:

"Digital might be reluctant to press charges... [F]ew of the computer crimes detected were ever reported to the police and still fewer were made public through criminal charges... [C]ompanies worried about having their vulnerabilities publicized." p 125

Though nearly 20 years old, Cyberpunk still shares many traits with the modern digital security world.